<?php
/**
 登录检测并设置超全局cookie防止直接http无权限访问
 */
$adminAccount = $_POST['AdminAccount'];
if (empty($adminAccount)){
    echo "参数错误";
    exit();
}
$adminPassword = $_POST['AdminPassword'];

//连接数据库
$dsn = "mysql:host=127.0.0.1;dbname=blog";
$db = new pdo($dsn,"root","123456");

//更改默认的utf8为utf8mb4以防中文乱码
$db->exec("set names utf8mb4");

$selectSql = "select * from Admin where AdminAccount='{$adminAccount}'";
$statement = $db ->query($selectSql);
$adminInfo = $statement ->fetch(PDO::FETCH_ASSOC);

if ($adminInfo && $adminInfo['AdminPassword'] == $adminPassword){
    setcookie("AdminId", $adminInfo['AdminId']);
    setcookie("AdminAccount", $adminInfo['AdminAccount']);
    echo "登录成功<br />";
    echo "<a href='category_list.php'>进入分类列表页面</a>";
    echo "<a href='article_list.php'>进入文章列表页面</a>";
    exit();
} else{
    echo "登录失败,账号或者密码错误";
}